Please wait a minute...


    15 December 2019, Volume 5 Issue 6
    Evolution,characteristics and revelation of the US cyber-security review system
    Mengyuan ZHANG,Zhongyi YUAN
    2019, 5(6):  1-9.  doi:10.11959/j.issn.2096-109x.2019057
    Asbtract ( 107 )   HTML ( 33)   PDF (583KB) ( 92 )   Knowledge map   
    References | Related Articles | Metrics

    As the founder of the global internet,the United States has established a well-structured cyber-security review system.It is based on a series of systematic and complete laws,regulations,and has constructed independent and efficient organizations.Such all-around and compulsory system is structured with distinctive characteristics,such as the extension and the procedure of the review in an orderly way,the vague standard and the compulsory results.Thus,it has certain reference significance to the establishment of a sound Chinese cyber-security review system.

    Comprehensive Review
    Overview of control-flow hijacking attack and defense techniques for process
    Fengfeng WANG,Tao ZHANG,Weiguang XU,Meng SUN
    2019, 5(6):  10-20.  doi:10.11959/j.issn.2096-109x.2019058
    Asbtract ( 245 )   HTML ( 58)   PDF (1598KB) ( 264 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Control flow hijacking attack is a common attack against computer software,which brings great harm to computer software security and is a research hotspot in the field of information security.Firstly,from the perspective of the source of attack code,the related research was expounded on process’s control flow hijacking attack.Secondly,according to the newest development status of control flow hijacking attack technology,the related defense technologies at home and abroad were introduced based on different defense ideas.Finally,the development trend of control flow hijacking offensive and defensive technology were summarized.

    Malware detection approach based on improved SOINN
    Bin ZHANG,Lixun LI,Shuqin DONG
    2019, 5(6):  21-30.  doi:10.11959/j.issn.2096-109x.2019059
    Asbtract ( 97 )   HTML ( 19)   PDF (1407KB) ( 125 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To deal with the problems of dynamic update of detection model and high computation costs in malware detection model based on batch learning,a novel malware detection approach is proposed by combing SOINN and supervised classifiers,to reduce computation costs and enable the detection model to update dynamically with the assistance of SOINN′s incremental learning characteristic.Firstly,the improved SOINN was given.According to the whole alignment algorithm,search the adjusted weights of neurons under all input sequences in the learning cycle and then calculate the average value of all adjusted weights as the final result,to avoid SOINN′s stability under different input sequences and representativeness of original data,therefore improve malware detection accuracy.Then a data preprocessing algorithm was proposed based on nonnegative matrix factor and Z-score normalization to transfer the malware behavior feature vector from high dimension and high order to low dimension and low order,to speed up and avoid overfitting and further improve detection accuracy.The results of experiments show that proposed approach supports dynamic updating of detection model and has a significantly higher accuracy of detecting unknown new samples and lower computation costs than tradition methods.

    D2D data sharing partner selection mechanism based on privacy degree and stability degree
    Zhangjian HUANG,Guohua YE,Zhiqiang YAO
    2019, 5(6):  31-41.  doi:10.11959/j.issn.2096-109x.2019060
    Asbtract ( 59 )   HTML ( 11)   PDF (1480KB) ( 52 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Device to device (D2D) data sharing has become a promising solution to offload cellular network traffic,but the privacy vulnerability and service instability of data sharing partners affect the quality of shared services.To solve this problem,a D2D data sharing partner selection mechanism based on degree of privacy degree and stability degree (named PSUS) was proposed.Firstly,the privacy information of the provider was abstracted and summarized,and the privacy measurement method was built according to the privacy preferences of the provider and the historical records of shared services,and the privacy degree of the provider in different shared services was obtained.Then,the data sharing process was designed based on privacy degree,and the provider cached data under the constraints of privacy preferences and participates in sharing services with low privacy to meet the provider's privacy requirements.Finally,on the basis of the provider who has satisfied the privacy requirements,a multi-index evaluation method was designed to evaluate the service stability of providers to select stable sharing partners.The feasibility of the proposed mechanism was demonstrated by analysis of performance.

    Large-scale resource state monitoring strategy in network function virtualization environment
    Meisheng HAI,Peng YI,Yiming JIANG,Jichao XIE
    2019, 5(6):  42-49.  doi:10.11959/j.issn.2096-109x.2019061
    Asbtract ( 81 )   HTML ( 13)   PDF (954KB) ( 52 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In order to improve the utilization of the infrastructure resource and efficiently deploy the service function chain dynamically in network function virtualization,the orchestration management domain needs to monitor the network resources and virtual network function status in real time,but real-time monitoring will bring large communication overhead.An intelligent distributed monitoring strategy with minimal network communication overhead was proposed.The improved label propagation algorithm intelligently subnets and selects agent monitoring nodes to achieve efficient monitoring of resource and virtual function status and minimize monitoring information communication overhead.The simulation results show that the monitoring strategy proposed reduces the monitoring information communication overhead in the network by about 13%.

    LSTM network traffic prediction and link congestion warning scheme for single port and single link
    Wei HUANG,Cuncai LIU,Sibo QI
    2019, 5(6):  50-57.  doi:10.11959/j.issn.2096-109x.2019066
    Asbtract ( 91 )   HTML ( 13)   PDF (1989KB) ( 80 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    To predict the traffic at single port and single link,two network traffic prediction models based on long short-term memory neural network were proposed.The first model is for the traffic which changes smoothly at large time granularity.The second model is for the nonstationary traffic which fluctuates violently at small time granularity.By selecting different methods of splitting data and training models,two traffic prediction models with different neural network structures were constructed.The experimental results show that the former can achieve a very high accuracy when predicting smoothly changed traffic,the latter has a significantly better prediction effect than the support vector regression model and the back propagation neural network model when dealing with nonstationary traffic.Based on the second model,a link congestion warning scheme with variable parameters was proposed.The scheme is proved to be practicable by experiments.

    Dynamic defense decision method for network real-time confrontation
    Qiang LENG,Yingjie YANG,Dexian CHANG,Ruixuan PAN,Ying CAI,Hao HU
    2019, 5(6):  58-66.  doi:10.11959/j.issn.2096-109x.2019063
    Asbtract ( 83 )   HTML ( 9)   PDF (1375KB) ( 85 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    How to implement defense decision based on network external threat is the core problem of building network information defense system.Especially for the dynamic threat brought by real-time attack,scientific and effective defense decision is the key to construct network dynamic emergency defense system.Aiming at the problem of dynamic defense decision-making,firstly a network survivability game model based on attribute attack graph theory is designed.The attack and defense matrix is used to represent the attack and defense strategy and path,and the attack and defense strength and network survivability quantification method are given.Secondly,the single step and the multi-step attack and defense strategy payoff calculation method is proposed,and the defense decision is based on the attack and defensive strategy payoff.Finally,the effectiveness of the defense decision technology is verified through experiments.

    Link prediction method based on complex network dynamics model
    Yonghao PAN,Hongtao YU,Yiteng WU
    2019, 5(6):  67-74.  doi:10.11959/j.issn.2096-109x.2019065
    Asbtract ( 73 )   HTML ( 17)   PDF (892KB) ( 63 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    Link prediction is an important part of the study of missing links and future formations in complex networks.Currently,network structure-based link prediction methods are rich in results.Research on link prediction based on complex network dynamics model is rare.Firstly,a complex network dynamics model for unlicensed and undirected networks was constructed.Then the quantitative evaluation index of the link prediction node centrality based on the complex network dynamics model was given.Finally,the link prediction method defined by the complex network dynamics model was proposed by the given node centrality quantitative index.Experiments on real network datasets show that the proposed link prediction method has obvious prediction accuracy improvement.

    Fog-aided identity privacy protection scheme for sensing users in mobile crowd sensing
    Hui LIU,Renwan BI,Jinbo XIONG,Mingfeng ZHAO,Biao JIN,Jie LIN
    2019, 5(6):  75-84.  doi:10.11959/j.issn.2096-109x.2019056
    Asbtract ( 91 )   HTML ( 15)   PDF (2030KB) ( 72 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In mobile crowd sensing(MCS),attackers can reconstruct the social circle among sensing users,who use the social association information among sensing users and the correlation between the sensing user’s identity and sensing data to further attack a social alliance.In order to tackle this issue,a fog-aided identity privacy protection scheme is proposed.Firstly,two fog nodes are introduced which located at the edge of the sensing terminal.The one is task allocation center (TC) for handling the reasonable allocation of sensing tasks,and the other is data center (DC) for calculating sensing data.Furthermore,differential privacy is employed for preventing attackers from acquiring the specific social association weight of sensing users.Finally,in order to prevent attackers from obtaining the sensing users' identity information and sensing data at the same time,sensing users use different blind identities to communicate with TC and DC.Security analysis indicates that the proposed scheme can ensure the security of identity privacy information of sensing users in the process of completing sensing tasks.Experimental results show that the proposed scheme can protect the social association information between sensing users,and has a low delay.

    Multi-granularity Android malware fast detection based on opcode
    Xuetao ZHANG,Meng SUN,Jinshuang WANG
    2019, 5(6):  85-94.  doi:10.11959/j.issn.2096-109x.2019064
    Asbtract ( 104 )   HTML ( 10)   PDF (1329KB) ( 84 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    The detection method based on opcode is widely used in Android malware detection,but it still contains some problems such as complex feature extraction method and low efficiency.In order to solve these problems,a multi-granularity fast detection method based on opcode for Android malware was proposed.Multi-granularity refers to the feature based on the bag of words model,and with the function as basic unit to extract features.By step-by-level aggregation feature,the APK multi-level information is obtained.The log length characterizes the scale of the function.And feature can be compressed and mapped to improve the efficiency and construct the corresponding classification model based on the semantic similarity of the Dalvik instruction set.Tests show that the proposed method has obvious advantages in performance and efficiency.

    Reasoning method for predicting crime partner by using intimacy network of bank accounts
    Fang LYU,Haibo LU,Wei WANG,Junheng HUANG,Bailing WANG
    2019, 5(6):  95-104.  doi:10.11959/j.issn.2096-109x.2019062
    Asbtract ( 103 )   HTML ( 17)   PDF (1153KB) ( 71 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    In recent years,research on the law of capital transactions in the case of stakeholder-type illegal financial activities has attracted the attention of researchers.In order to solve the problem of using the bank transaction data to actively discover the abnormal account criminal crime partners,a crime partner prediction method based on the asymmetric intimacy network of the bank accounts was proposed.Firstly,a general network model for bank account transactions was established to embed time-series transaction data into the network structure.Then,using the direct and indirect transaction relationship information of the node,an account asymmetric intimacy calculation method was proposed.Finally,using the asymmetric interaction information of the nodes on the intimate network,the abnormal tendency index of the nodes is obtained.The experimental results on the actual data of the multi-level marketing group show that the crime partner prediction method based on the intimacy network can effectively find potential pyramid shelling members.

    E-invoice authenticity verification scheme based on signature verification
    Rongna XIE,Weihua MAO,Guozhen SHI
    2019, 5(6):  105-112.  doi:10.11959/j.issn.2096-109x.2019067
    Asbtract ( 100 )   HTML ( 20)   PDF (1232KB) ( 58 )   Knowledge map   
    Figures and Tables | References | Related Articles | Metrics

    With the rapid development of network and information technology,paperless and electronic have become the development trend of today's economic life.As a consumption certificate,electronic invoices have become more and more demanding in e-commerce.The existing electronic invoice verification method is to inquire the invoice information in the national electronic account base according to the invoice number,invoice code,billing date,and amount,and realize the function of comparison inquiry,and can not detect the fraudulent behavior of issuing invoices by non-issuing institutions,and cannot guarantee the full legality and authenticity of electronic invoices.Aiming at the above problems,a verification scheme for electronic invoice authenticity based on signature authentication was proposed.By verifying the signature of the tax agency,the legality verification of the blank electronic invoice is verified,and the digital signature of the seller is verified to determine the authenticity of the invoiced content.Ensure that the electronic invoices passed for verification are true and reliable.

Copyright Information
Bimonthly, started in 2015
Authorized by:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts and Telecommunications Press
Co-sponsored by:Xidian University, Beihang University, Huazhong University of Science and Technology, Zhejiang University
Edited by:Editorial Board of Chinese Journal of Network and Information Security
Editor-in-Chief:FANG Bin-xing
Executive Editor-in-Chief:LI Feng-hua
Director:YI Dong-shan
Address:F8,You Dian Publisher Building,No.11,Chengshousi Road,Fengtai District,Beijing 100078,PR China
Tel:+8610-81055479, 81055456
ISSN 2096-109X
CN 10-1366/TP
Total visitors:
Visitors of today:
Now online: